Privacy Policy

1. Who We Are

PRYZMA LTD is the data controller for any personal data processed in connection with our website and services. We are registered in England and Wales, with our registered office at 128 City Road, London, EC1V 2NX.

If you have questions about how we handle your data, contact us at contact@pryzma.uk.

2. Data We Collect

2.1 Data you provide directly

• Contact form submissions — name, email address, subject, and message content.
• Newsletter subscriptions — email address.
• Client engagements — business contact details, project requirements, and correspondence.

2.2 Data collected automatically

• Server logs — IP addresses, browser type, pages visited, and timestamps (for security and diagnostic purposes).
• Cookies — see section 8 below.

3. How We Use Your Data

• To respond to enquiries submitted via our contact form.
• To deliver agreed services and manage client relationships.
• To send newsletters or product updates where you have opted in.
• To comply with legal obligations, including tax and accounting requirements.
• To improve our website's performance and security.

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

4. Legal Basis for Processing

• Contractual necessity — processing required to deliver our services.
• Legitimate interests — responding to enquiries and improving our website.
• Consent — newsletter subscriptions (you may withdraw consent at any time).
• Legal obligation — compliance with applicable UK law.

5. Sharing Your Data

We may share your data with:

• Service providers — cloud hosting, email delivery, and accounting tools, all bound by data processing agreements.
• Legal authorities — where required by law, court order, or regulatory obligation.

All third-party processors are contractually obligated to keep your data secure and to process it only on our instructions.

6. Data Retention

• Contact enquiries — retained for up to 2 years, or longer if an engagement results.
• Client records — retained for 7 years after the end of the engagement for legal and accounting purposes.
• Newsletter subscriptions — retained until you unsubscribe.
• Server logs — retained for up to 90 days.

7. Your Rights

Under UK GDPR, you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — request correction of inaccurate or incomplete data.
• Erasure — request deletion of your data (subject to legal retention obligations).
• Restriction — request we limit processing of your data.
• Data portability — receive your data in a machine-readable format.
• Object — object to processing based on legitimate interests.
• Withdraw consent — for any consent-based processing at any time.

To exercise any of these rights, email contact@pryzma.uk. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

8. Cookies

This website uses minimal cookies:

• Session cookies — essential for form anti-forgery token validation. These expire when you close your browser.
• Analytics cookies — if analytics are enabled, anonymised usage data may be collected. No personal identifiers are stored.

You can control cookies through your browser settings. Disabling cookies may affect some website functionality.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include TLS encryption in transit, access controls, and regular security reviews.

In the event of a data breach that is likely to result in a risk to your rights, we will notify the ICO within 72 hours and affected individuals without undue delay where required.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated "Last updated" date. For significant changes, we will provide a more prominent notice.

11. Contact Us

For privacy-related enquiries or to exercise your rights: